build: publish

build: trigger build image
v1.37.11
2026-04-28 07:57:25 +08:00 · 2025-11-29 04:17:51 +08:00 · 2025-11-29 04:17:34 +08:00 · 2025-11-29 04:15:57 +08:00 · 2025-11-29 04:13:44 +08:00 · 2025-11-29 04:10:55 +08:00
48 changed files with 448 additions and 173 deletions
@@ -3,6 +3,23 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+### Bug Fixes
+
+* 修复阿里云 waf tlsVersion参数缺失导致部署失败的问题 ([2fabee6](https://github.com/certd/certd/commit/2fabee647acf64afe689f5bea3603028cd0ba4a2))
+* 修复备注撑开表格行高的bug ([c7b298c](https://github.com/certd/certd/commit/c7b298c46f0d52b43bd2bb17b374e7970a446446))
+* 修复域名管理无法创建tencent-eo dns授权的bug ([3406bb5](https://github.com/certd/certd/commit/3406bb5a4a56bb310cddc1a1f410c70909fd129b))
+* openapi 成功后失败都返回msg ([6e735bb](https://github.com/certd/certd/commit/6e735bbd1e29712e939f775a4db974db70e3b4b0))
+
+### Performance Improvements
+
+*  ssh支持ppk格式私钥 ([575ae16](https://github.com/certd/certd/commit/575ae164c863d0b1f9fa0890549a2ee7472fb469))
+* 优化宝塔网站证书在并发部署时导致nginx配置文件错乱的问题 ([51cc084](https://github.com/certd/certd/commit/51cc08411fd2dbab66d769b495dc1b0bf2f2578c))
+* 优化天翼云cdn 等待5秒部署完成 ([53c88ad](https://github.com/certd/certd/commit/53c88ad5afe66a3f7c38b9b759747918913a4edc))
+* 支持oidc单点登录 ([ec75afb](https://github.com/certd/certd/commit/ec75afbc44139dbe9da534d8a8c08a5b91f86d3c))
+* ssl.com支持ecc ([b5ec047](https://github.com/certd/certd/commit/b5ec04723db48422f71041f4043002e7f5b450b1))
+
 ## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)

 ### Performance Improvements
@@ -3,6 +3,23 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+### Bug Fixes
+
+* 修复阿里云 waf tlsVersion参数缺失导致部署失败的问题 ([2fabee6](https://github.com/certd/certd/commit/2fabee647acf64afe689f5bea3603028cd0ba4a2))
+* 修复备注撑开表格行高的bug ([c7b298c](https://github.com/certd/certd/commit/c7b298c46f0d52b43bd2bb17b374e7970a446446))
+* 修复域名管理无法创建tencent-eo dns授权的bug ([3406bb5](https://github.com/certd/certd/commit/3406bb5a4a56bb310cddc1a1f410c70909fd129b))
+* openapi 成功后失败都返回msg ([6e735bb](https://github.com/certd/certd/commit/6e735bbd1e29712e939f775a4db974db70e3b4b0))
+
+### Performance Improvements
+
+*  ssh支持ppk格式私钥 ([575ae16](https://github.com/certd/certd/commit/575ae164c863d0b1f9fa0890549a2ee7472fb469))
+* 优化宝塔网站证书在并发部署时导致nginx配置文件错乱的问题 ([51cc084](https://github.com/certd/certd/commit/51cc08411fd2dbab66d769b495dc1b0bf2f2578c))
+* 优化天翼云cdn 等待5秒部署完成 ([53c88ad](https://github.com/certd/certd/commit/53c88ad5afe66a3f7c38b9b759747918913a4edc))
+* 支持oidc单点登录 ([ec75afb](https://github.com/certd/certd/commit/ec75afbc44139dbe9da534d8a8c08a5b91f86d3c))
+* ssl.com支持ecc ([b5ec047](https://github.com/certd/certd/commit/b5ec04723db48422f71041f4043002e7f5b450b1))
+
 ## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)

 ### Performance Improvements
@@ -72,7 +72,7 @@
 | 3.| **阿里云-部署证书至CDN** | 自动部署域名证书至阿里云CDN | 
 | 4.| **阿里云-部署证书至DCDN** | 依赖证书申请前置任务，自动部署域名证书至阿里云DCDN | 
 | 5.| **阿里云-部署证书至OSS** | 部署域名证书至阿里云OSS自定义域名，不是上传到阿里云oss | 
-| 6.| **阿里云-上传证书到阿里云CAS** | 上传证书到阿里云数字证书管理服务（CAS），注意：不会部署到任何应用上；如果不想在阿里云上同一份证书上传多次，可以把此任务作为前置任务，其他阿里云任务证书那一项选择此任务的输出 | 
+| 6.| **阿里云-上传证书到CAS** | 上传证书到阿里云证书管理服务（CAS），如果不想在阿里云上同一份证书上传多次，可以把此任务作为前置任务，其他阿里云任务证书那一项选择此任务的输出 | 
 | 7.| **阿里云-部署至阿里云WAF** | 部署证书到阿里云WAF | 
 | 8.| **阿里云-部署至ALB（应用负载均衡）** | ALB,更新监听器的默认证书 | 
 | 9.| **阿里云-部署至NLB（网络负载均衡）** | NLB,网络负载均衡,更新监听器的默认证书 | 
@@ -9,5 +9,5 @@
    }
  },
  "npmClient": "pnpm",
-  "version": "1.37.10"
+  "version": "1.37.11"
 }
@@ -3,6 +3,12 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.37.11](https://github.com/publishlab/node-acme-client/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+### Performance Improvements
+
+* ssl.com支持ecc ([b5ec047](https://github.com/publishlab/node-acme-client/commit/b5ec04723db48422f71041f4043002e7f5b450b1))
+
 ## [1.37.10](https://github.com/publishlab/node-acme-client/compare/v1.37.9...v1.37.10) (2025-11-19)

 **Note:** Version bump only for package @certd/acme-client
@@ -3,7 +3,7 @@
    "description": "Simple and unopinionated ACME client",
    "private": false,
    "author": "nmorsman",
-    "version": "1.37.10",
+    "version": "1.37.11",
    "type": "module",
    "module": "scr/index.js",
    "main": "src/index.js",
@@ -18,7 +18,7 @@
        "types"
    ],
    "dependencies": {
-        "@certd/basic": "^1.37.10",
+        "@certd/basic": "^1.37.11",
        "@peculiar/x509": "^1.11.0",
        "asn1js": "^3.0.5",
        "axios": "^1.7.2",
@@ -70,5 +70,5 @@
    "bugs": {
        "url": "https://github.com/publishlab/node-acme-client/issues"
    },
-    "gitHead": "eb41a3655fe91af94f1c42a51aaa9122edfcf40e"
+    "gitHead": "9acac86ed58616fef31ec4d63021bb221429a425"
 }
@@ -3,6 +3,14 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+### Performance Improvements
+
+* 优化宝塔网站证书在并发部署时导致nginx配置文件错乱的问题 ([51cc084](https://github.com/certd/certd/commit/51cc08411fd2dbab66d769b495dc1b0bf2f2578c))
+* 优化天翼云cdn 等待5秒部署完成 ([53c88ad](https://github.com/certd/certd/commit/53c88ad5afe66a3f7c38b9b759747918913a4edc))
+* ssl.com支持ecc ([b5ec047](https://github.com/certd/certd/commit/b5ec04723db48422f71041f4043002e7f5b450b1))
+
 ## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)

 **Note:** Version bump only for package @certd/basic
@@ -1 +1 @@
-23:49
+04:13
@@ -1,7 +1,7 @@
 {
  "name": "@certd/basic",
  "private": false,
-  "version": "1.37.10",
+  "version": "1.37.11",
  "type": "module",
  "main": "./dist/index.js",
  "module": "./dist/index.js",
@@ -47,5 +47,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "eb41a3655fe91af94f1c42a51aaa9122edfcf40e"
+  "gitHead": "9acac86ed58616fef31ec4d63021bb221429a425"
 }
@@ -9,7 +9,7 @@ export class Locker {
  }

  async execute(lockStr: string, callback: any, options?: { timeout?: number }) {
-    const timeout = options?.timeout ?? 20000;
+    const timeout = options?.timeout ?? 120000;
    return this.asyncLocker.acquire(lockStr, callback, { timeout });
  }
 }
@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+**Note:** Version bump only for package @certd/pipeline
+
 ## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)

 **Note:** Version bump only for package @certd/pipeline
@@ -1,7 +1,7 @@
 {
  "name": "@certd/pipeline",
  "private": false,
-  "version": "1.37.10",
+  "version": "1.37.11",
  "type": "module",
  "main": "./dist/index.js",
  "module": "./dist/index.js",
@@ -18,8 +18,8 @@
    "compile": "tsc --skipLibCheck --watch"
  },
  "dependencies": {
-    "@certd/basic": "^1.37.10",
-    "@certd/plus-core": "^1.37.10",
+    "@certd/basic": "^1.37.11",
+    "@certd/plus-core": "^1.37.11",
    "dayjs": "^1.11.7",
    "lodash-es": "^4.17.21",
    "reflect-metadata": "^0.1.13"
@@ -45,5 +45,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "eb41a3655fe91af94f1c42a51aaa9122edfcf40e"
+  "gitHead": "9acac86ed58616fef31ec4d63021bb221429a425"
 }
@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
 ## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)

 **Note:** Version bump only for package @certd/lib-huawei
@@ -1,7 +1,7 @@
 {
  "name": "@certd/lib-huawei",
  "private": false,
-  "version": "1.37.10",
+  "version": "1.37.11",
  "main": "./dist/bundle.js",
  "module": "./dist/bundle.js",
  "types": "./dist/d/index.d.ts",
@@ -24,5 +24,5 @@
    "prettier": "^2.8.8",
    "tslib": "^2.8.1"
  },
-  "gitHead": "eb41a3655fe91af94f1c42a51aaa9122edfcf40e"
+  "gitHead": "9acac86ed58616fef31ec4d63021bb221429a425"
 }
@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
 ## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)

 **Note:** Version bump only for package @certd/lib-iframe
@@ -1,7 +1,7 @@
 {
  "name": "@certd/lib-iframe",
  "private": false,
-  "version": "1.37.10",
+  "version": "1.37.11",
  "type": "module",
  "main": "./dist/index.js",
  "module": "./dist/index.js",
@@ -31,5 +31,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "eb41a3655fe91af94f1c42a51aaa9122edfcf40e"
+  "gitHead": "9acac86ed58616fef31ec4d63021bb221429a425"
 }
@@ -3,6 +3,12 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+### Performance Improvements
+
+*  ssh支持ppk格式私钥 ([575ae16](https://github.com/certd/certd/commit/575ae164c863d0b1f9fa0890549a2ee7472fb469))
+
 ## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)

 **Note:** Version bump only for package @certd/jdcloud
@@ -1,6 +1,6 @@
 {
  "name": "@certd/jdcloud",
-  "version": "1.37.10",
+  "version": "1.37.11",
  "description": "jdcloud openApi sdk",
  "main": "./dist/bundle.js",
  "module": "./dist/bundle.js",
@@ -56,5 +56,5 @@
      "fetch"
    ]
  },
-  "gitHead": "eb41a3655fe91af94f1c42a51aaa9122edfcf40e"
+  "gitHead": "9acac86ed58616fef31ec4d63021bb221429a425"
 }
@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
 ## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)

 **Note:** Version bump only for package @certd/lib-k8s
@@ -1,7 +1,7 @@
 {
  "name": "@certd/lib-k8s",
  "private": false,
-  "version": "1.37.10",
+  "version": "1.37.11",
  "type": "module",
  "main": "./dist/index.js",
  "module": "./dist/index.js",
@@ -17,7 +17,7 @@
    "pub": "npm publish"
  },
  "dependencies": {
-    "@certd/basic": "^1.37.10",
+    "@certd/basic": "^1.37.11",
    "@kubernetes/client-node": "0.21.0"
  },
  "devDependencies": {
@@ -32,5 +32,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "eb41a3655fe91af94f1c42a51aaa9122edfcf40e"
+  "gitHead": "9acac86ed58616fef31ec4d63021bb221429a425"
 }
@@ -3,6 +3,12 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+### Performance Improvements
+
+* 支持oidc单点登录 ([ec75afb](https://github.com/certd/certd/commit/ec75afbc44139dbe9da534d8a8c08a5b91f86d3c))
+
 ## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)

 **Note:** Version bump only for package @certd/lib-server
@@ -1,6 +1,6 @@
 {
  "name": "@certd/lib-server",
-  "version": "1.37.10",
+  "version": "1.37.11",
  "description": "midway with flyway, sql upgrade way ",
  "private": false,
  "type": "module",
@@ -28,11 +28,11 @@
  ],
  "license": "AGPL",
  "dependencies": {
-    "@certd/acme-client": "^1.37.10",
-    "@certd/basic": "^1.37.10",
-    "@certd/pipeline": "^1.37.10",
-    "@certd/plugin-lib": "^1.37.10",
-    "@certd/plus-core": "^1.37.10",
+    "@certd/acme-client": "^1.37.11",
+    "@certd/basic": "^1.37.11",
+    "@certd/pipeline": "^1.37.11",
+    "@certd/plugin-lib": "^1.37.11",
+    "@certd/plus-core": "^1.37.11",
    "@midwayjs/cache": "3.14.0",
    "@midwayjs/core": "3.20.11",
    "@midwayjs/i18n": "3.20.13",
@@ -64,5 +64,5 @@
    "typeorm": "^0.3.11",
    "typescript": "^5.4.2"
  },
-  "gitHead": "eb41a3655fe91af94f1c42a51aaa9122edfcf40e"
+  "gitHead": "9acac86ed58616fef31ec4d63021bb221429a425"
 }
@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
 ## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)

 **Note:** Version bump only for package @certd/midway-flyway-js
@@ -1,6 +1,6 @@
 {
  "name": "@certd/midway-flyway-js",
-  "version": "1.37.10",
+  "version": "1.37.11",
  "description": "midway with flyway, sql upgrade way ",
  "private": false,
  "type": "module",
@@ -46,5 +46,5 @@
    "typeorm": "^0.3.11",
    "typescript": "^5.4.2"
  },
-  "gitHead": "eb41a3655fe91af94f1c42a51aaa9122edfcf40e"
+  "gitHead": "9acac86ed58616fef31ec4d63021bb221429a425"
 }
@@ -3,6 +3,12 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+### Performance Improvements
+
+* ssl.com支持ecc ([b5ec047](https://github.com/certd/certd/commit/b5ec04723db48422f71041f4043002e7f5b450b1))
+
 ## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)

 ### Performance Improvements
@@ -1,7 +1,7 @@
 {
  "name": "@certd/plugin-cert",
  "private": false,
-  "version": "1.37.10",
+  "version": "1.37.11",
  "type": "module",
  "main": "./dist/index.js",
  "types": "./dist/index.d.ts",
@@ -17,10 +17,10 @@
    "compile": "tsc --skipLibCheck --watch"
  },
  "dependencies": {
-    "@certd/acme-client": "^1.37.10",
-    "@certd/basic": "^1.37.10",
-    "@certd/pipeline": "^1.37.10",
-    "@certd/plugin-lib": "^1.37.10",
+    "@certd/acme-client": "^1.37.11",
+    "@certd/basic": "^1.37.11",
+    "@certd/pipeline": "^1.37.11",
+    "@certd/plugin-lib": "^1.37.11",
    "@google-cloud/publicca": "^1.3.0",
    "dayjs": "^1.11.7",
    "jszip": "^3.10.1",
@@ -43,5 +43,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "eb41a3655fe91af94f1c42a51aaa9122edfcf40e"
+  "gitHead": "9acac86ed58616fef31ec4d63021bb221429a425"
 }
@@ -3,6 +3,13 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+### Performance Improvements
+
+*  ssh支持ppk格式私钥 ([575ae16](https://github.com/certd/certd/commit/575ae164c863d0b1f9fa0890549a2ee7472fb469))
+* 优化天翼云cdn 等待5秒部署完成 ([53c88ad](https://github.com/certd/certd/commit/53c88ad5afe66a3f7c38b9b759747918913a4edc))
+
 ## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)

 **Note:** Version bump only for package @certd/plugin-lib
@@ -1,7 +1,7 @@
 {
  "name": "@certd/plugin-lib",
  "private": false,
-  "version": "1.37.10",
+  "version": "1.37.11",
  "type": "module",
  "main": "./dist/index.js",
  "types": "./dist/index.d.ts",
@@ -22,8 +22,8 @@
    "@alicloud/pop-core": "^1.7.10",
    "@alicloud/tea-util": "^1.4.10",
    "@aws-sdk/client-s3": "^3.787.0",
-    "@certd/basic": "^1.37.10",
-    "@certd/pipeline": "^1.37.10",
+    "@certd/basic": "^1.37.11",
+    "@certd/pipeline": "^1.37.11",
    "@kubernetes/client-node": "0.21.0",
    "ali-oss": "^6.22.0",
    "basic-ftp": "^5.0.5",
@@ -53,5 +53,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "eb41a3655fe91af94f1c42a51aaa9122edfcf40e"
+  "gitHead": "9acac86ed58616fef31ec4d63021bb221429a425"
 }
@@ -36,7 +36,7 @@ export class TencentSslClient {

  checkRet(ret: any) {
    if (!ret || ret.Error) {
-      throw new Error("请求失败：" + ret.Error.Code + "," + ret.Error.Message);
+      throw new Error("请求失败：" + ret.Error.Code + "," + ret.Error.Message + ",requestId" + ret.RequestId);
    }
  }

@@ -70,43 +70,33 @@ export class TencentSslClient {
  }

  async deployCertificateInstance(params: any) {
-    const client = await this.getSslClient();
-    const res = await client.DeployCertificateInstance(params);
-    this.checkRet(res);
-    return res;
+    return await this.doRequest("DeployCertificateInstance", params);
  }

  async DescribeHostUploadUpdateRecordDetail(params: any) {
-    const client = await this.getSslClient();
-    const res = await client.request("DescribeHostUploadUpdateRecordDetail", params);
-    this.checkRet(res);
-    return res;
+    return await this.doRequest("DescribeHostUploadUpdateRecordDetail", params);
  }

  async UploadUpdateCertificateInstance(params: any) {
-    const client = await this.getSslClient();
-    const res = await client.request("UploadUpdateCertificateInstance", params);
-    this.checkRet(res);
-    return res;
+    return await this.doRequest("UploadUpdateCertificateInstance", params);
  }

  async DescribeCertificates(params: { Limit?: number; Offset?: number; SearchKey?: string }) {
-    const client = await this.getSslClient();
-    const res = await client.DescribeCertificates({
+    return await this.doRequest("DescribeCertificates", {
      ExpirationSort: "ASC",
      ...params,
    });
-    this.checkRet(res);
-    return res;
  }

  async doRequest(action: string, params: any) {
    const client = await this.getSslClient();
-    if (!client[action]) {
-      throw new Error(`action ${action} not found`);
+    try {
+      const res = await client.request(action, params);
+      this.checkRet(res);
+      return res;
+    } catch (e) {
+      this.logger.error(`action ${action} error: ${e.message},requestId=${e.RequestId}`);
+      throw e;
    }
-    const res = await client[action](params);
-    this.checkRet(res);
-    return res;
  }
 }
@@ -3,6 +3,18 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+### Bug Fixes
+
+* 修复备注撑开表格行高的bug ([c7b298c](https://github.com/certd/certd/commit/c7b298c46f0d52b43bd2bb17b374e7970a446446))
+* 修复域名管理无法创建tencent-eo dns授权的bug ([3406bb5](https://github.com/certd/certd/commit/3406bb5a4a56bb310cddc1a1f410c70909fd129b))
+
+### Performance Improvements
+
+* 优化天翼云cdn 等待5秒部署完成 ([53c88ad](https://github.com/certd/certd/commit/53c88ad5afe66a3f7c38b9b759747918913a4edc))
+* 支持oidc单点登录 ([ec75afb](https://github.com/certd/certd/commit/ec75afbc44139dbe9da534d8a8c08a5b91f86d3c))
+
 ## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)

 ### Performance Improvements
@@ -1,6 +1,6 @@
 {
  "name": "@certd/ui-client",
-  "version": "1.37.10",
+  "version": "1.37.11",
  "private": true,
  "scripts": {
    "dev": "vite --open",
@@ -106,8 +106,8 @@
    "zod-defaults": "^0.1.3"
  },
  "devDependencies": {
-    "@certd/lib-iframe": "^1.37.10",
-    "@certd/pipeline": "^1.37.10",
+    "@certd/lib-iframe": "^1.37.11",
+    "@certd/pipeline": "^1.37.11",
    "@rollup/plugin-commonjs": "^25.0.7",
    "@rollup/plugin-node-resolve": "^15.2.3",
    "@types/chai": "^4.3.12",
@@ -604,7 +604,7 @@ export default {
  limitUserPipelineCountHelper: "0为不限制",
  enableSelfRegistration: "开启自助注册",
  enableUserValidityPeriod: "开启用户有效期",
-  userValidityPeriodHelper: "有效期内用户可正常使用，失效后流水线将被停用",
+  userValidityPeriodHelper: "有效期内用户可正常使用，失效后用户的流水线将被停用",
  enableUsernameRegistration: "开启用户名注册",
  enableEmailRegistration: "开启邮箱注册",
  proFeature: "专业版功能",
@@ -762,12 +762,12 @@ export default {
      fixedCertExpireDaysHelper: "固定证书有效期天数，有助于列表进度条整齐显示",
      fixedCertExpireDaysRecommend: "推荐90",

-      enableOauth: "启用OAuth2登录",
-      oauthEnabledHelper: "是否启用OAuth2登录",
-      oauthProviders: "OAuth2登录提供商",
-      oauthType: "OAuth2登录类型",
-      oauthConfig: "OAuth2登录配置",
-      oauthProviderSelectorPlaceholder: "请选择OAuth2登录提供商",
+      enableOauth: "启用第三方登录",
+      oauthEnabledHelper: "是否启用第三方登录",
+      oauthProviders: "第三方登录提供商",
+      oauthType: "第三方登录类型",
+      oauthConfig: "第三方登录配置",
+      oauthProviderSelectorPlaceholder: "请选择第三方登录提供商",
    },
  },
  modal: {
@@ -22,3 +22,36 @@ export async function UpdateProfile(form: any) {
    data: form,
  });
 }
+
+export async function GetOauthBounds() {
+  return await request({
+    url: "/oauth/bounds",
+    method: "POST",
+  });
+}
+
+export async function GetOauthProviders() {
+  return await request({
+    url: "/oauth/providers",
+    method: "POST",
+  });
+}
+
+export async function UnbindOauth(type: string) {
+  return await request({
+    url: "/oauth/unbind",
+    method: "POST",
+    data: { type },
+  });
+}
+
+export async function OauthBoundUrl(type: string) {
+  return await request({
+    url: "/oauth/login",
+    method: "POST",
+    data: {
+      type,
+      forType: "bind",
+    },
+  });
+}
@@ -15,7 +15,14 @@
        </a-descriptions-item>
        <a-descriptions-item :label="t('authentication.email')">{{ userInfo.email }}</a-descriptions-item>
        <a-descriptions-item :label="t('authentication.phoneNumber')">{{ userInfo.phoneCode }}{{ userInfo.mobile }}</a-descriptions-item>
-        <a-descriptions-item></a-descriptions-item>
+        <a-descriptions-item v-if="settingStore.sysPublic.oauthEnabled && settingStore.isPlus" label="第三方账号绑定">
+          <div v-for="item in computedOauthBounds" :key="item.name" class="flex items-center gap-2">
+            <fs-icon :icon="item.icon" class="mr-2 text-blue-500" />
+            <span class="mr-2 w-36">{{ item.title }}</span>
+            <a-button v-if="item.bound" type="link" danger @click="unbind(item.name)">解绑</a-button>
+            <a-button v-else type="primary" @click="bind(item.name)">绑定</a-button>
+          </div>
+        </a-descriptions-item>
        <a-descriptions-item :label="t('common.handle')">
          <a-button type="primary" @click="doUpdate">{{ t("authentication.updateProfile") }}</a-button>
          <change-password-button class="ml-10" :show-button="true"> </change-password-button>
@@ -27,10 +34,12 @@

 <script lang="ts" setup>
 import * as api from "./api";
-import { Ref, ref } from "vue";
+import { computed, onMounted, Ref, ref } from "vue";
 import ChangePasswordButton from "/@/views/certd/mine/change-password-button.vue";
 import { useI18n } from "/src/locales";
 import { useUserProfile } from "./use";
+import { Modal } from "ant-design-vue";
+import { useSettingStore } from "/@/store/settings";

 const { t } = useI18n();

@@ -38,13 +47,13 @@ defineOptions({
  name: "UserProfile",
 });

+const settingStore = useSettingStore();
+
 const userInfo: Ref = ref({});

 const getUserInfo = async () => {
  userInfo.value = await api.getMineInfo();
 };
-getUserInfo();
-
 const { openEditProfileDialog } = useUserProfile();

 function doUpdate() {
@@ -54,4 +63,51 @@ function doUpdate() {
    },
  });
 }
+
+const oauthBounds = ref([]);
+const oauthProviders = ref([]);
+async function loadOauthBounds() {
+  const res = await api.GetOauthBounds();
+  oauthBounds.value = res;
+}
+async function loadOauthProviders() {
+  const res = await api.GetOauthProviders();
+  oauthProviders.value = res;
+}
+
+const computedOauthBounds = computed(() => {
+  const list = oauthProviders.value.map(item => {
+    const bound = oauthBounds.value.find(bound => bound.type === item.name);
+    return {
+      ...item,
+      bound,
+    };
+  });
+  return list;
+});
+
+async function unbind(type: string) {
+  Modal.confirm({
+    title: "确认解绑吗？",
+    okText: "确认",
+    okType: "danger",
+    onOk: async () => {
+      await api.UnbindOauth(type);
+      await loadOauthBounds();
+    },
+  });
+}
+
+async function bind(type: string) {
+  //获取第三方登录URL
+  const res = await api.OauthBoundUrl(type);
+  const loginUrl = res.loginUrl;
+  window.location.href = loginUrl;
+}
+
+onMounted(async () => {
+  await getUserInfo();
+  await loadOauthBounds();
+  await loadOauthProviders();
+});
 </script>
@@ -65,7 +65,7 @@
        </div>
      </a-form-item>

-      <div v-if="!queryBindCode" class="w-full">
+      <div v-if="!queryBindCode && settingStore.sysPublic.oauthEnabled && settingStore.isPlus" class="w-full">
        <oauth-footer></oauth-footer>
      </div>
    </a-form>
@@ -82,7 +82,7 @@
        <loading-button type="primary" size="large" html-type="button" class="login-button" :click="handleTwoFactorSubmit">OTP验证登录</loading-button>
      </a-form-item>

-      <a-form-item class="user-login-other">
+      <a-form-item class="mt-10">
        <a class="register" @click="twoFactor.loginId = null"> 返回 </a>
      </a-form-item>
    </a-form>
@@ -2,12 +2,13 @@ import { request } from "/src/api/service";

 const apiPrefix = "/oauth";

-export async function OauthLogin(type: string) {
+export async function OauthLogin(type: string, forType?: string) {
  return await request({
    url: apiPrefix + `/login`,
    method: "post",
    data: {
      type,
+      forType: forType || "login",
    },
  });
 }
@@ -5,16 +5,16 @@
        <span v-if="!error">登录中...</span>
        <span v-else>{{ error }}</span>
      </div>
-      <div v-else class="oauth-callback-title">
-        <div>第三方登录成功，还未绑定账号，请选择</div>
+      <div v-else class="oauth-callback-title mt-10">
+        <div>第三方（{{ oauthType }}）登录成功，您还未绑定账号，请选择</div>

-        <div>
-          <a-button class="w-full mt-5" type="primary" @click="goBindUser">绑定已有账号</a-button>
-          <a-button class="w-full mt-5" type="primary" @click="autoRegister">创建新账号</a-button>
+        <div class="mt-10">
+          <a-button class="w-full mt-10" type="primary" @click="goBindUser">绑定已有账号</a-button>
+          <a-button v-if="settingStore.sysPublic.registerEnabled" class="w-full mt-10" type="primary" @click="autoRegister">创建新账号</a-button>
        </div>

-        <div class="w-full mt-5">
-          <router-link to="/login" class="w-full mt-5" type="primary">返回登录页</router-link>
+        <div class="w-full mt-10">
+          <router-link to="/login" class="w-full mt-10" type="primary">返回登录页</router-link>
        </div>
      </div>
    </div>
@@ -26,11 +26,15 @@ import { ref, onMounted } from "vue";
 import * as api from "./api";
 import { useRoute, useRouter } from "vue-router";
 import { useUserStore } from "/@/store/user";
+import { notification } from "ant-design-vue";
+import { useSettingStore } from "/@/store/settings";

 const route = useRoute();
 const router = useRouter();
+const settingStore = useSettingStore();
 const oauthType = route.params.type as string;
 const validationCode = route.query.validationCode as string;
+const forType = route.query.forType as string;
 const error = ref(route.query.error as string);
 const userStore = useUserStore();

@@ -58,6 +62,18 @@ onMounted(async () => {
  if (error.value) {
    return;
  }
+
+  if (forType === "bind") {
+    //绑定第三方账号
+    await api.BindUser(validationCode);
+    notification.success({
+      message: "绑定成功",
+    });
+    //跳转到首页
+    router.replace("/certd/mine/user-profile");
+    return;
+  }
+
  await handleOauthToken();
 });

@@ -86,7 +102,7 @@ async function autoRegister() {
  justify-content: center;
  align-items: center;
  gap: 16px;
-
+  width: 100%;
  .oauth-callback-content {
    display: flex;
    justify-content: center;
@@ -96,12 +112,14 @@ async function autoRegister() {
    border-radius: 16px;
    box-shadow: 0 0 16px rgba(0, 0, 0, 0.1);
    width: 500px;
+    max-width: 90%;
    margin: 0 auto;
    margin-top: 50px;
    margin-bottom: 100px;
+    min-height: 200px;

    .oauth-callback-title {
-      font-size: 24px;
+      font-size: 16px;
      font-weight: 500;
    }
  }
@@ -54,39 +54,40 @@
            <div class="helper">{{ t("certd.saveThenTest") }}</div>
          </a-form-item>
        </template>
-        <a-form-item :label="t('certd.sys.setting.enableOauth')" :name="['public', 'oauthEnabled']">
-          <div class="flex-o">
-            <a-switch v-model:checked="formState.public.oauthEnabled" :disabled="!settingsStore.isPlus" :title="t('certd.plusFeature')" />
-            <vip-button class="ml-5" mode="button"></vip-button>
-          </div>
-        </a-form-item>
-        <a-form-item v-if="formState.public.oauthEnabled" :label="t('certd.sys.setting.oauthProviders')" :name="['public', 'oauthProviders']">
-          <div class="flex flex-wrap">
-            <table class="w-full table-auto border-collapse border border-gray-400">
-              <thead>
-                <tr>
-                  <th class="border border-gray-300 px-4 py-2 w-1/2">{{ t("certd.sys.setting.oauthType") }}</th>
-                  <th class="border border-gray-300 px-4 py-2 w-1/2">{{ t("certd.sys.setting.oauthConfig") }}</th>
-                </tr>
-              </thead>
-              <tbody>
-                <tr v-for="(item, key) of oauthProviders" :key="key">
-                  <td class="border border-gray-300 px-4 py-2">
-                    <div class="flex items-center" :title="item.desc">
-                      <fs-icon :icon="item.icon" class="mr-2 text-blue-600" />
-                      {{ item.title }}
-                    </div>
-                  </td>
-                  <td class="border border-gray-300 px-4 py-2">
-                    <AddonSelector v-model:model-value="item.addonId" addon-type="oauth" from="sys" :type="item.name" :placeholder="t('certd.sys.setting.oauthProviderSelectorPlaceholder')" />
-                  </td>
-                </tr>
-              </tbody>
-            </table>
-          </div>
-        </a-form-item>
      </template>

+      <a-form-item :label="t('certd.sys.setting.enableOauth')" :name="['public', 'oauthEnabled']">
+        <div class="flex-o">
+          <a-switch v-model:checked="formState.public.oauthEnabled" :disabled="!settingsStore.isPlus" :title="t('certd.plusFeature')" />
+          <vip-button class="ml-5" mode="button"></vip-button>
+        </div>
+      </a-form-item>
+      <a-form-item v-if="formState.public.oauthEnabled" :label="t('certd.sys.setting.oauthProviders')" :name="['public', 'oauthProviders']">
+        <div class="flex flex-wrap">
+          <table class="w-full table-auto border-collapse border border-gray-400">
+            <thead>
+              <tr>
+                <th class="border border-gray-300 px-4 py-2 w-1/2">{{ t("certd.sys.setting.oauthType") }}</th>
+                <th class="border border-gray-300 px-4 py-2 w-1/2">{{ t("certd.sys.setting.oauthConfig") }}</th>
+              </tr>
+            </thead>
+            <tbody>
+              <tr v-for="(item, key) of oauthProviders" :key="key">
+                <td class="border border-gray-300 px-4 py-2">
+                  <div class="flex items-center" :title="item.desc">
+                    <fs-icon :icon="item.icon" class="mr-2 text-blue-600" />
+                    {{ item.title }}
+                  </div>
+                </td>
+                <td class="border border-gray-300 px-4 py-2">
+                  <AddonSelector v-model:model-value="item.addonId" addon-type="oauth" from="sys" :type="item.name" :placeholder="t('certd.sys.setting.oauthProviderSelectorPlaceholder')" />
+                </td>
+              </tr>
+            </tbody>
+          </table>
+        </div>
+      </a-form-item>
+
      <a-form-item label=" " :colon="false" :wrapper-col="{ span: 16 }">
        <a-button :loading="saveLoading" type="primary" html-type="submit">{{ t("certd.saveButton") }}</a-button>
      </a-form-item>
@@ -3,6 +3,18 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+### Bug Fixes
+
+* 修复阿里云 waf tlsVersion参数缺失导致部署失败的问题 ([2fabee6](https://github.com/certd/certd/commit/2fabee647acf64afe689f5bea3603028cd0ba4a2))
+* 修复域名管理无法创建tencent-eo dns授权的bug ([3406bb5](https://github.com/certd/certd/commit/3406bb5a4a56bb310cddc1a1f410c70909fd129b))
+
+### Performance Improvements
+
+* 优化天翼云cdn 等待5秒部署完成 ([53c88ad](https://github.com/certd/certd/commit/53c88ad5afe66a3f7c38b9b759747918913a4edc))
+* 支持oidc单点登录 ([ec75afb](https://github.com/certd/certd/commit/ec75afbc44139dbe9da534d8a8c08a5b91f86d3c))
+
 ## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)

 ### Performance Improvements
@@ -0,0 +1,14 @@
+
+CREATE TABLE `cd_oauth_bound`
+(
+  `id`          bigint PRIMARY KEY AUTO_INCREMENT NOT NULL,
+  `user_id`     bigint      NOT NULL,
+  `type`        varchar(512) NOT NULL,
+  `open_id`     varchar(512) NOT NULL,
+  `create_time` timestamp     NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  `update_time` timestamp     NOT NULL DEFAULT CURRENT_TIMESTAMP
+);
+
+
+CREATE INDEX `index_oauth_bound_user_id` ON `cd_oauth_bound` (`user_id`);
+CREATE INDEX `index_oauth_bound_open_id` ON `cd_oauth_bound` (`open_id`);
@@ -0,0 +1,14 @@
+
+CREATE TABLE "cd_oauth_bound"
+(
+  "id"          bigint PRIMARY KEY GENERATED BY DEFAULT AS IDENTITY NOT NULL,
+  "user_id"     bigint      NOT NULL,
+  "type"        varchar(512) NOT NULL,
+  "open_id"     varchar(512) NOT NULL,
+  "create_time" timestamp     NOT NULL DEFAULT (CURRENT_TIMESTAMP),
+  "update_time" timestamp     NOT NULL DEFAULT (CURRENT_TIMESTAMP)
+);
+
+
+CREATE INDEX "index_oauth_bound_user_id" ON "cd_oauth_bound" ("user_id");
+CREATE INDEX "index_oauth_bound_open_id" ON "cd_oauth_bound" ("open_id");
@@ -1,6 +1,6 @@
 {
  "name": "@certd/ui-server",
-  "version": "1.37.10",
+  "version": "1.37.11",
  "description": "fast-server base midway",
  "private": true,
  "type": "module",
@@ -45,20 +45,20 @@
    "@aws-sdk/client-cloudfront": "^3.699.0",
    "@aws-sdk/client-iam": "^3.699.0",
    "@aws-sdk/client-s3": "^3.705.0",
-    "@certd/acme-client": "^1.37.10",
-    "@certd/basic": "^1.37.10",
-    "@certd/commercial-core": "^1.37.10",
+    "@certd/acme-client": "^1.37.11",
+    "@certd/basic": "^1.37.11",
+    "@certd/commercial-core": "^1.37.11",
    "@certd/cv4pve-api-javascript": "^8.4.2",
-    "@certd/jdcloud": "^1.37.10",
-    "@certd/lib-huawei": "^1.37.10",
-    "@certd/lib-k8s": "^1.37.10",
-    "@certd/lib-server": "^1.37.10",
-    "@certd/midway-flyway-js": "^1.37.10",
-    "@certd/pipeline": "^1.37.10",
-    "@certd/plugin-cert": "^1.37.10",
-    "@certd/plugin-lib": "^1.37.10",
-    "@certd/plugin-plus": "^1.37.10",
-    "@certd/plus-core": "^1.37.10",
+    "@certd/jdcloud": "^1.37.11",
+    "@certd/lib-huawei": "^1.37.11",
+    "@certd/lib-k8s": "^1.37.11",
+    "@certd/lib-server": "^1.37.11",
+    "@certd/midway-flyway-js": "^1.37.11",
+    "@certd/pipeline": "^1.37.11",
+    "@certd/plugin-cert": "^1.37.11",
+    "@certd/plugin-lib": "^1.37.11",
+    "@certd/plugin-plus": "^1.37.11",
+    "@certd/plus-core": "^1.37.11",
    "@huaweicloud/huaweicloud-sdk-cdn": "^3.1.120",
    "@huaweicloud/huaweicloud-sdk-core": "^3.1.120",
    "@koa/cors": "^5.0.0",
@@ -6,9 +6,10 @@ import { LoginService } from "../../../modules/login/service/login-service.js";
 import { CodeService } from "../../../modules/basic/service/code-service.js";
 import { UserService } from "../../../modules/sys/authority/service/user-service.js";
 import { UserEntity } from "../../../modules/sys/authority/entity/user.js";
-import { logger, simpleNanoId } from "@certd/basic";
+import { logger, simpleNanoId, utils } from "@certd/basic";
 import { OauthBoundService } from "../../../modules/login/service/oauth-bound-service.js";
 import { OauthBoundEntity } from "../../../modules/login/entity/oauth-bound.js";
+import { checkPlus } from "@certd/plus-core";

 /**
 */
@@ -50,14 +51,14 @@ export class ConnectController extends BaseController {
  }

  @Post('/login', { summary: Constants.per.guest })
-  public async login(@Body(ALL) body: { type: string }) {
+  public async login(@Body(ALL) body: { type: string, forType?:string }) {

    const addon = await this.getOauthProvider(body.type);
    const installInfo = await this.sysSettingsService.getSetting<SysInstallInfo>(SysInstallInfo);
    const bindUrl = installInfo?.bindUrl || "";
    //构造登录url
    const redirectUrl = `${bindUrl}api/oauth/callback/${body.type}`;
-    const { loginUrl, ticketValue } = await addon.buildLoginUrl({ redirectUri: redirectUrl });
+    const { loginUrl, ticketValue } = await addon.buildLoginUrl({ redirectUri: redirectUrl, forType: body.forType });
    const ticket = this.codeService.setValidationValue(ticketValue)
    this.ctx.cookies.set("oauth_ticket", ticket, {
      httpOnly: true,
@@ -68,6 +69,9 @@ export class ConnectController extends BaseController {
  }
  @Get('/callback/:type', { summary: Constants.per.guest })
  public async callback(@Param('type') type: string, @Query() query: Record<string, string>) {
+
+    checkPlus()
+
    //处理登录回调
    const addon = await this.getOauthProvider(type);
    const request = this.ctx.request;
@@ -103,7 +107,9 @@ export class ConnectController extends BaseController {
        userInfo,
      });

-      const redirectUrl = `${bindUrl}#/oauth/callback/${type}?validationCode=${validationCode}`;
+      const state = JSON.parse(utils.hash.base64Decode(query.state));
+
+      const redirectUrl = `${bindUrl}#/oauth/callback/${type}?validationCode=${validationCode}&forType=${state.forType}`;
      this.ctx.redirect(redirectUrl);
    } catch (err) {
      logger.error(err);
@@ -115,6 +121,7 @@ export class ConnectController extends BaseController {

  @Post('/token', { summary: Constants.per.guest })
  public async token(@Body(ALL) body: { validationCode: string, type: string }) {
+    checkPlus()
    const validationValue = await this.codeService.getValidationValue(body.validationCode);
    if (!validationValue) {
      throw new Error("校验码错误");
@@ -140,24 +147,6 @@ export class ConnectController extends BaseController {
    return this.ok(loginRes);
  }

-  @Post('/bind', { summary: Constants.per.loginOnly })
-  public async bind(@Body(ALL) body: any) {
-    //需要已登录
-    const userId = this.getUserId();
-    const validationValue = this.codeService.getValidationValue(body.validationCode);
-    if (!validationValue) {
-      throw new Error("校验码错误");
-    }
-    const type = validationValue.type;
-    const userInfo = validationValue.userInfo;
-    const openId = userInfo.openId;
-    await this.oauthBoundService.bind({
-      userId,
-      type,
-      openId,
-    });
-    return this.ok(1);
-  }

  @Post('/autoRegister', { summary: Constants.per.guest })
  public async autoRegister(@Body(ALL) body: { validationCode: string, type: string }) {
@@ -185,6 +174,26 @@ export class ConnectController extends BaseController {
    return this.ok(loginRes);
  }

+
+  @Post('/bind', { summary: Constants.per.loginOnly })
+  public async bind(@Body(ALL) body: any) {
+    //需要已登录
+    const userId = this.getUserId();
+    const validationValue = this.codeService.getValidationValue(body.validationCode);
+    if (!validationValue) {
+      throw new Error("校验码错误");
+    }
+    const type = validationValue.type;
+    const userInfo = validationValue.userInfo;
+    const openId = userInfo.openId;
+    await this.oauthBoundService.bind({
+      userId,
+      type,
+      openId,
+    });
+    return this.ok(1);
+  }
+
  @Post('/unbind', { summary: Constants.per.loginOnly })
  public async unbind(@Body(ALL) body: any) {
    //需要已登录
@@ -196,6 +205,18 @@ export class ConnectController extends BaseController {
    return this.ok(1);
  }

+   @Post('/bounds', { summary: Constants.per.loginOnly })
+  public async bounds(@Body(ALL) body: any) {
+    //需要已登录
+    const userId = this.getUserId();
+    const bounds = await this.oauthBoundService.find({
+      where :{
+        userId,
+      }
+    });
+    return this.ok(bounds);
+  }
+
  @Post('/providers', { summary: Constants.per.guest })
  public async providers() {
    const list = addonRegistry.getDefineList("oauth");
@@ -44,8 +44,11 @@ export class OauthBoundService extends BaseService<OauthBoundEntity> {
        type,
      },
    });
-    if (exist) {
-      throw new Error('该第三方账号已绑定用户');
+    if (exist ) {
+      if(exist.userId === userId){
+        return;
+      }
+      throw new Error('该第三方账号已绑定其他用户');
    }

    const exist2 = await this.repository.findOne({
@@ -38,6 +38,6 @@ export type LoginUrlReply = {
 }

 export interface IOauthProvider {
-    buildLoginUrl: (params: { redirectUri: string }) => Promise<LoginUrlReply>;
+    buildLoginUrl: (params: { redirectUri: string, forType?: string }) => Promise<LoginUrlReply>;
    onCallback: (params: OnCallbackReq) => Promise<OauthToken>;
 }
@@ -29,7 +29,7 @@ export class OidcOauthProvider extends BaseAddon implements IOauthProvider {

  @AddonInput({
    title: "服务地址",
-    helper: "Issuer地址",
+    helper: "Issuer地址，去掉/.well-known/openid-configuration的服务发现地址",
    component: {
      placeholder: "https://oidc.example.com/oidc",
    },
@@ -56,7 +56,7 @@ export class OidcOauthProvider extends BaseAddon implements IOauthProvider {
    }
  }
  
-  async buildLoginUrl(params: { redirectUri: string }) {
+  async buildLoginUrl(params: { redirectUri: string, forType?: string }) {
    const { config, client } = await this.getClient()

    let redirect_uri = new URL(params.redirectUri)
@@ -69,7 +69,10 @@ export class OidcOauthProvider extends BaseAddon implements IOauthProvider {
     */
    let code_verifier = client.randomPKCECodeVerifier()
    let code_challenge = await client.calculatePKCECodeChallenge(code_verifier)
-    let state = client.randomState()
+    let state:any = {
+      forType: params.forType || 'login',
+    }
+    state = this.ctx.utils.hash.base64(JSON.stringify(state))

    let parameters: any = {
      redirect_uri,
@@ -90,13 +93,11 @@ export class OidcOauthProvider extends BaseAddon implements IOauthProvider {
    // }

    let redirectTo = client.buildAuthorizationUrl(config, parameters)
-
-    // now redirect the user to redirectTo.href
-    console.log('redirecting to', redirectTo.href)
    return {
      loginUrl: redirectTo.href,
      ticketValue: {
        codeVerifier: code_verifier,
+        state,
      },
    };
  }
@@ -114,7 +115,6 @@ export class OidcOauthProvider extends BaseAddon implements IOauthProvider {
      }
    )

-    console.log('Token Endpoint Response', tokens)
    const claims = tokens.claims()
    return {
      token:{
@@ -124,6 +124,9 @@ export class TencentRefreshCert extends AbstractTaskPlugin {

    let resourceTypes = []
    const resourceTypesRegions = []
+    if(!this.resourceTypesRegions){
+      this.resourceTypesRegions = []
+    }
    for (const item of this.resourceTypesRegions) {
      const [type,region] = item.split("_")
      if (!resourceTypes.includes( type)){
@@ -156,13 +159,17 @@ export class TencentRefreshCert extends AbstractTaskPlugin {
          break;
        }
        retryCount++
-        deployRes = await sslClient.UploadUpdateCertificateInstance({
-          OldCertificateId: certId,
+        const params = {
+          "OldCertificateId": certId,
          "ResourceTypes": resourceTypes,
-          "CertificatePublicKey": this.cert.crt,
-          "CertificatePrivateKey": this.cert.key,
+          "CertificatePublicKey": "xxx",
+          "CertificatePrivateKey": "xxx",
          "ResourceTypesRegions":resourceTypesRegions
-        });
+        }
+        this.logger.info(`请求参数：${JSON.stringify(params)}`);
+        params.CertificatePublicKey = this.cert.crt
+        params.CertificatePrivateKey = this.cert.key
+        deployRes = await sslClient.UploadUpdateCertificateInstance(params);
        if (deployRes && deployRes.DeployRecordId>0){
          this.logger.info(`任务创建成功，开始检查结果：${JSON.stringify(deployRes)}`);
          break;
@@ -325,7 +332,7 @@ export class TencentRefreshCert extends AbstractTaskPlugin {
     */
    const options = list.map((item: any) => {
      return {
-        label: `${item.Alias}<${item.Domain}_${item.CertificateId}>`,
+        label: `${item.CertificateId}<${item.Domain}_${item.Alias}_${item.BoundResource.length}>`,
        value: item.CertificateId,
        domain: item.SubjectAltName,
      };
@@ -1 +1 @@
-23:54
+04:17
Author	SHA1	Message	Date
xiaojunnuo	77d52b323d	build: publish	2025-11-29 04:17:51 +08:00
xiaojunnuo	ca8e8bf6ef	build: trigger build image	2025-11-29 04:17:34 +08:00
xiaojunnuo	9acac86ed5	v1.37.11	2025-11-29 04:15:57 +08:00
xiaojunnuo	ba5007219d	build: prepare to build	2025-11-29 04:13:44 +08:00
xiaojunnuo	ec046fd599	build: prepare to build	2025-11-29 04:10:55 +08:00
xiaojunnuo	5452ff1153	build: prepare to build	2025-11-29 04:08:56 +08:00
xiaojunnuo	d03b1e0608	chore: 数据库脚本同步	2025-11-29 04:06:51 +08:00
xiaojunnuo	53c88ad5af	perf: 优化天翼云cdn 等待5秒部署完成	2025-11-29 03:25:21 +08:00
@@ -1 +1 @@
 :49
 :13
@@ -1 +1 @@
 :54
 :17